Patrick Shanahan wrote:
* Benji Weber <b.weber@warwick.ac.uk> [07-16-07 05:04]:
set the following line
FW_SERVICES_ACCEPT_EXT="0/0,tcp,22,,hitcount=3,blockseconds=120,recentname=ssh"
in /etc/sysconfig/SuSEfirewall2 This will limit to a maximum of 3 attempts per 120s.
This works *very* well, even better than fail2ban, imo. Is there a similar line that will effect the same on postifx attempts rather than using fail2ban?
Yikes - These are 2 different beasts. With ssh, users authenticate and gain access to your system. With smtp, users don't authenticate or gain access to your system, they simply send messages. What would you use as a measure of "bad" email senders? IMHO blocking off your smtp server would work out about as well as firewalling off the public web site which powers your business. If you want to limit the riffraff trying to send spam, the best tools are things like greylisting, RBLs etc. Look into those if you're serious about smtp. Joe -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org